cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post

Update to Network Security Rulesets

A new compliance ruleset- AWS Dome9 Network Alerts for default VPC components will be available in CloudGuard Dome9 within next 5-10 business days. This ruleset supports aligned with architectures that include Security Groups, Gateways, Route Tables, NACLs and is based on  AWS Guidelines: https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#default-vpc-components.

 

In addition to this new ruleset, we will be enhancing the existing network security rulesets for AWS, Azure and GCP by adding rules coverage for the additional ports as follows:

  • 100 New rules added for AWS Dome9 Best Practices
  • 100 New rules added for AWS Dome9 Network Alerts
  • 25 New rules added for Azure Dome9 Best Practices
  • 25 New rules added for Azure Dome9 Network Alerts
  • 25 New rules added for GCP Dome9 Best Practices
  • 25 New rules added for GCP Dome9 Network Alerts

 

List of ports added: 

Port

Protocol

Service Name

Application

23

TCP

Telnet

Telnet

445

TCP

Microsoft-DS

CIFS / SMB

53

UDP

DNS

DNS

5500

TCP

VNC Listener

VNC

5900

TCP

VNC Server

VNC

 

How does this change affects us?

If you are utilizing Security Groups, Gateways, Route Tables, NACLs, it is recommended to start using AWS Dome9 Network Alerts for default VPC components instead of AWS Networks Alerts ruleset, to reduce the amount of false positive findings you may encounter using AWS Dome9 Network Alerts.

Updates to existing rulesets will result in a more comprehensive testing, thereby increasing the number of rules which will affect your overall compliance score (it can go up or down depending on the environment)

For more information on the updated network security ruleset, you can refer to :

0 Kudos